2014-03-24 2 views

이상한 오류가 발생합니다. Shiro LDAP 영역(realm)에 유효한 사용자/암호를 전달하면 아무 문제가 없습니다. 그러나 조합이 유효하지 않으면 예외가 발생한 뒤 Shiro 영역 코드를 계속 반복해서 실행합니다. 디버거에서 보면 제가 재정의(override)한 메서드 하나를 제외하고는 계속 Shiro 코드 안에만 머물러 있습니다. 즉, 인증(Authentication) 실패 시 Shiro LDAP 영역이 반복됩니다.

public class MyJndiLdapRealm extends JndiLdapRealm { 


/** Creates the realm; nothing is configured here beyond what the superclass constructor does. */
public MyJndiLdapRealm() {
    // The compiler inserts the no-arg superclass constructor call, so no explicit call is needed.
}

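/**
 * Authenticates {@code token} by binding to the directory as the user it names.
 *
 * <p>The only proof of identity used here is that the LDAP context opens. A simple bind that
 * carries a DN but an empty password is an "unauthenticated" bind, which a directory may accept
 * without checking any secret. A missing or empty credential is therefore rejected before any
 * bind is attempted, instead of leaving that decision to the server or the context factory.
 *
 * @param token the submitted authentication token; its credentials are used as the bind password
 * @param ldapContextFactory factory used to open the LDAP context as the user
 * @return the info built by {@code createAuthenticationInfo} once the context has opened
 * @throws NamingException if the credential is missing or empty, or whatever the context factory
 *         raises when the context cannot be opened
 */
@Override
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token,
        LdapContextFactory ldapContextFactory)
        throws NamingException {

    Object credentials = token.getCredentials();

    // The principal used for the bind is the one derived by getLdapPrincipal; the raw
    // token principal that the original read first was overwritten and never used.
    Object principal = getLdapPrincipal(token);

    if (isMissingCredential(credentials)) {
        // Fully qualified on purpose: this is the JNDI exception (a NamingException), so callers
        // that already handle a failed bind treat this the same way. No secret is logged.
        throw new javax.naming.AuthenticationException(
                "LDAP simple bind requires a non-empty credential");
    }

    LdapContext ctx = null;
    try {
        ctx = ldapContextFactory.getLdapContext(principal, credentials);

        // The context opened with a non-empty credential, so the directory accepted the bind.
        return createAuthenticationInfo(token, principal, credentials, ctx);
    } finally {
        // Always release the context, whether the bind succeeded or threw.
        LdapUtils.closeContext(ctx);
    }

}

/** Reports whether {@code credentials} is absent or a zero-length char[], byte[] or String. */
private static boolean isMissingCredential(Object credentials) {
    if (credentials == null) {
        return true;
    }
    if (credentials instanceof char[]) {
        return ((char[]) credentials).length == 0;
    }
    if (credentials instanceof byte[]) {
        return ((byte[]) credentials).length == 0;
    }
    if (credentials instanceof String) {
        return ((String) credentials).isEmpty();
    }
    // Other credential types cannot be judged here; leave them to the context factory.
    return false;
}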



      <!-- Shiro web filter. loginUrl, unauthorizedUrl and successUrl all point at /ldapLogin. -->
      <bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean"> 
    <property name="securityManager" ref="securityManager"/> 
    <property name="loginUrl" value="/ldapLogin"/> 
    <property name="unauthorizedUrl" value="/ldapLogin"/> 
    <property name="successUrl" value="/ldapLogin"/>  
    <!-- Every path must arrive over SSL on port 8443 and pass authc plus customAuthFilter. -->
    <!-- customAuthFilter is referenced by name only; its definition is not part of this listing. -->
    <!-- NOTE(review): /** is listed first and matches every path, and Shiro picks the first -->
    <!-- matching chain, so the later /logout line is presumably never reached. It also sits -->
    <!-- under a [main] header inside a URL definition block. Confirm which sections this -->
    <!-- property reads, and list /logout before /** if logout is meant to work. -->
    <property name="filterChainDefinitions"> 
     <value> 
      [urls] 
      /** = ssl[8443],authc, customAuthFilter 
      [main] 
      /logout = logout 
     </value> 
    </property> 
</bean> 

<!-- Security manager with three realms: the LDAP realm and two database-backed realms. -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager"> 
    <property name="realms"> 
     <list> 
      <ref bean="authenticateLdapRealm"/> 
      <ref bean="authenticateDbRolesRealm"/> 
      <!-- NOTE(review): no bean with id DbAuthorizingRealm appears in this listing; the -->
      <!-- closest definition has id SwiDbAuthorizingRealm. Confirm the ids agree. -->
      <ref bean="DbAuthorizingRealm"/> 
     </list> 
    </property> 
    <!-- AllSuccessfulStrategy: a login succeeds only if every configured realm authenticates -->
    <!-- it, so a failed LDAP bind fails the whole attempt. -->
    <property name="authenticator.authenticationStrategy"> 
     <bean class="org.apache.shiro.authc.pam.AllSuccessfulStrategy"/> 
    </property> 
</bean> 

<!-- Shiro lifecycle post-processor; the auto-proxy creator in this file declares depends-on it. -->
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/> 

<!-- LDAP realm backed by the custom MyJndiLdapRealm class. -->
<bean id="authenticateLdapRealm" class="security.MyJndiLdapRealm"> 
    <property name="contextFactory" ref="contextFactory" /> 
    <!-- {0} is replaced with the submitted username to form the DN used for the bind. -->
    <!-- NOTE(review): confirm how DN special characters in the username are handled before -->
    <!-- substitution; the listing does not show any validation of the login name. -->
    <property name="userDnTemplate" value="cn={0},ou=REMOTE,o=OFF" /> 
</bean> 

<!-- Connection settings for the directory the realm binds against. -->
<bean id="contextFactory" class="org.apache.shiro.realm.ldap.JndiLdapContextFactory"> 
    <!-- NOTE(review): ldap:// on port 389 is unencrypted, so the password sent in each simple -->
    <!-- bind crosses the network in clear text unless StartTLS is negotiated elsewhere. -->
    <!-- Prefer an ldaps:// URL or StartTLS, with the server certificate validated. -->
    <property name="url" value="ldap://172.25.3.91:389"/> 
</bean> 

<!-- Project realm classes, declared without properties; their code is not part of this listing. -->
<bean id="authenticateDbRolesRealm" class="security.DbRolesRealm"> 
</bean> 

<!-- NOTE(review): the securityManager realm list refers to DbAuthorizingRealm, which does not -->
<!-- match this id (SwiDbAuthorizingRealm). Confirm which id is intended. -->
<bean id="SwiDbAuthorizingRealm" class="security.DbAuthorizingRealm"> 
</bean> 

<!-- Spring AOP wiring for Shiro authorization annotations: the auto-proxy creator applies the -->
<!-- advisor below, which consults the same securityManager used by the web filter. -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor"/> 
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor"> 
    <property name="securityManager" ref="securityManager"/> 
</bean> 

답변


어찌 된 일인지 제 사용자 정의 필터가 문제였습니다. PassThruAuthenticationFilter로 바꾸니 문제가 해결되었습니다.